Connect with us

Hi, what are you looking for?



Growth in Cyber Fraud Attacks Outpacing Growth of Transactions: Report

Cybercrime in 2017

Cybercrime in 2017

The United States is the world’s primary target for cyber fraud attacks. Europe has emerged as the major source of attacks, now accounting for 50% more attacks than the US. The growth in attacks is outpacing the growth of transactions; and in a 90-day period, 130 million fraud attacks were detected.

These details come from the ThreatMetrix Cybercrime Report Q1 2017 (PDF). The report shows that strong economies tend to attack other strong economies, with the USA primarily targeting the USA, Canada and the UK; Germany targeting the USA, the UK and Germany; and the UK targeting the USA, the UK and Ireland. The UK is now one of the world’s largest attack originators.

While this concentration on North America and Europe is partly driven by the expectation of richer targets, it is probably also affected by attackers concentrating on areas where they already understand the local banking and finance methodologies.

The figures come from ThreatMetrix’s analysis of ‘high-risk’ transactions found among the nearly 2 billion transactions it monitors every month. It shows a growth in mobile transactions, a growth in the sophistication of attacks, and an increase of around 23% in the figures from the same period in 2016.

“The complexity and speed of evolving attack vectors continues to take us by surprise,” commented Vanita Pandey, vice president of product marketing at ThreatMetrix. “Fraudsters are operating within a much broader cybercrime landscape; one that shares knowledge, tools and exploits; trades information, tests and refines and constantly analyzes the market for new opportunities.”

Partly this is being driven by the availability of huge volumes of user credentials stolen over the last few years and now readily available on the internet. Although breached organizations are quick to claim that their stolen data was encrypted or hashed, “what is clear,” says the report, “is that identity data is the critical currency in global cybercrime, as fraudsters piece together full and convincing identities which are then used to perpetrate large-scale attacks.”

“Cybercrime,” it adds, “is becoming increasingly automated, sophisticated and is scaling exponentially through well organized crime rings with access to large-scale networks of infected devices available at their disposal to inundate online systems with large volumes of fraudulent transactions. They also use scripts (often in conjunction with bots) to perpetrate such transactions.”

Fintech, unsurprisingly, is a major target. This is set against a background of increasing mobility, digital wallets and online remittances. Digital wallet transactions grew by 80% year-on-year, with a 180% increase in associated bot attacks. “Loan stacking and bustout scenarios are common attack vectors,” explains ThreatMetrix, “where fraudsters capitalize on time delays inherent in reporting loan agreements to credit bureaus. Stolen identity credentials and device spoofing techniques allow cybercriminals to bypass even complex application procedures.”

Advertisement. Scroll to continue reading.

The company warns that attackers have a wide range of attack vectors and tools at their disposal. “Fraudsters have a gamut of threat vectors at their disposal to perpetrate fraud, including Malware, remote access Trojans (RATs), Man-in-the-Middle attacks and automated bot attacks. These are often used in combination to perform mass identity testing attacks (via an advanced bot), and then take over a trusted user account via a Man-in-the-Middle attack and/or RAT.”

Pandey comments, “We saw a number of high-profile global breaches over the last year. Identities are being bought, sold, traded and augmented by criminals seeking to improve the success of their increasingly complex attacks. All of this points to one thing: Identities are the critical currency in cybercrime this year and it is up to businesses to look beyond static data to check that users are who they say they are.”

ThreatMetrix has raised more than $90 million in funding, including $20 million in Series E funding in March 2014, and $30 million in growth funding from Silicon Valley Bank in October 2016.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Kim Larsen is new Chief Information Security Officer at Keepit

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

More People On The Move

Expert Insights

Related Content


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.